From c7fb0265ee8fa63c8b8e82a1d4448e28111db4a4 Mon Sep 17 00:00:00 2001 From: Ludovico Magnocavallo Date: Wed, 19 Feb 2020 11:03:12 +0100 Subject: [PATCH] Simplify tests, re-enable CI * add instance group support to compute-vm, start tests refactoring * modules/compute-vm: group fixes, tests * modules/compute-vm: minimal test beautification * simplify top-level pytest fixture * modules/dns: tests and minor tweaks * fix missing boilerplate in tests * re-add requirements file to tests folder * re-enable tests in ci build configuration --- .ci/cloudbuild.test.yaml | 28 +-- modules/compute-vm/README.md | 4 + modules/compute-vm/instance_group.tf | 215 ++++++++++++++++++ modules/compute-vm/outputs.tf | 22 ++ modules/compute-vm/variables.tf | 41 ++++ modules/dns/main.tf | 20 +- modules/dns/variables.tf | 1 + tests/__init__.py | 7 +- tests/conftest.py | 83 ++----- tests/foundations/__init__.py | 14 -- tests/foundations/business_units/__init__.py | 13 -- tests/foundations/business_units/conftest.py | 27 --- .../business_units/terraform.tfvars | 9 - .../business_units/test_folders.py | 42 ---- .../business_units/test_outputs.py | 48 ---- .../business_units/test_projects.py | 46 ---- .../business_units/test_service_accounts.py | 34 --- tests/foundations/environments/__init__.py | 14 -- tests/foundations/environments/conftest.py | 27 --- .../foundations/environments/terraform.tfvars | 7 - .../foundations/environments/test_outputs.py | 47 ---- .../foundations/environments/test_projects.py | 44 ---- .../environments/test_service_accounts.py | 34 --- .../hub_and_spoke_vpns/conftest.py | 27 --- .../hub_and_spoke_vpns/terraform.tfvars | 3 - .../hub_and_spoke_vpns/test_cloud_routers.py | 38 ---- .../hub_and_spoke_vpns/test_firewall.py | 37 --- .../hub_and_spoke_vpns/test_outputs.py | 34 --- .../hub_and_spoke_vpns/test_vpns.py | 35 --- tests/infrastructure/shared_vpc/conftest.py | 27 --- .../shared_vpc/terraform.tfvars | 4 - .../infrastructure/shared_vpc/test_outputs.py | 29 --- .../shared_vpc/test_svpc_resources.py | 62 ----- .../__init__.py | 4 +- .../compute_vm}/__init__.py | 4 +- tests/modules/compute_vm/fixture/main.tf | 34 +++ tests/modules/compute_vm/fixture/variables.tf | 40 ++++ tests/modules/compute_vm/test_plan.py | 46 ++++ tests/modules/compute_vm/test_plan_group.py | 44 ++++ .../shared_vpc => modules/dns}/__init__.py | 4 +- tests/modules/dns/fixture/main.tf | 29 +++ tests/modules/dns/fixture/variables.tf | 43 ++++ tests/modules/dns/test_plan.py | 80 +++++++ .../fixtures/test_variable/main.tf | 76 ------- tests/modules/net_vpc/__init__.py | 14 -- tests/modules/net_vpc/conftest.py | 29 --- .../net_vpc/fixtures/vpc-iam-bindings/main.tf | 90 -------- .../net_vpc/fixtures/vpc-standalone/main.tf | 47 ---- .../net_vpc/fixtures/vpc-subnets/main.tf | 112 --------- .../modules/net_vpc/test_vpc_iam_bindings.py | 81 ------- tests/modules/net_vpc/test_vpc_standalone.py | 29 --- tests/modules/net_vpc/test_vpc_subnets.py | 62 ----- tests/requirements.txt | 5 +- 53 files changed, 650 insertions(+), 1346 deletions(-) create mode 100644 modules/compute-vm/instance_group.tf delete mode 100644 tests/foundations/__init__.py delete mode 100644 tests/foundations/business_units/__init__.py delete mode 100644 tests/foundations/business_units/conftest.py delete mode 100644 tests/foundations/business_units/terraform.tfvars delete mode 100644 tests/foundations/business_units/test_folders.py delete mode 100644 tests/foundations/business_units/test_outputs.py delete mode 100644 tests/foundations/business_units/test_projects.py delete mode 100644 tests/foundations/business_units/test_service_accounts.py delete mode 100644 tests/foundations/environments/__init__.py delete mode 100644 tests/foundations/environments/conftest.py delete mode 100644 tests/foundations/environments/terraform.tfvars delete mode 100644 tests/foundations/environments/test_outputs.py delete mode 100644 tests/foundations/environments/test_projects.py delete mode 100644 tests/foundations/environments/test_service_accounts.py delete mode 100644 tests/infrastructure/hub_and_spoke_vpns/conftest.py delete mode 100644 tests/infrastructure/hub_and_spoke_vpns/terraform.tfvars delete mode 100644 tests/infrastructure/hub_and_spoke_vpns/test_cloud_routers.py delete mode 100644 tests/infrastructure/hub_and_spoke_vpns/test_firewall.py delete mode 100644 tests/infrastructure/hub_and_spoke_vpns/test_outputs.py delete mode 100644 tests/infrastructure/hub_and_spoke_vpns/test_vpns.py delete mode 100644 tests/infrastructure/shared_vpc/conftest.py delete mode 100644 tests/infrastructure/shared_vpc/terraform.tfvars delete mode 100644 tests/infrastructure/shared_vpc/test_outputs.py delete mode 100644 tests/infrastructure/shared_vpc/test_svpc_resources.py rename tests/{infrastructure/hub_and_spoke_vpns => modules}/__init__.py (86%) rename tests/{infrastructure => modules/compute_vm}/__init__.py (86%) create mode 100644 tests/modules/compute_vm/fixture/main.tf create mode 100644 tests/modules/compute_vm/fixture/variables.tf create mode 100644 tests/modules/compute_vm/test_plan.py create mode 100644 tests/modules/compute_vm/test_plan_group.py rename tests/{infrastructure/shared_vpc => modules/dns}/__init__.py (86%) create mode 100644 tests/modules/dns/fixture/main.tf create mode 100644 tests/modules/dns/fixture/variables.tf create mode 100644 tests/modules/dns/test_plan.py delete mode 100644 tests/modules/logging_sinks/fixtures/test_variable/main.tf delete mode 100644 tests/modules/net_vpc/__init__.py delete mode 100644 tests/modules/net_vpc/conftest.py delete mode 100644 tests/modules/net_vpc/fixtures/vpc-iam-bindings/main.tf delete mode 100644 tests/modules/net_vpc/fixtures/vpc-standalone/main.tf delete mode 100644 tests/modules/net_vpc/fixtures/vpc-subnets/main.tf delete mode 100644 tests/modules/net_vpc/test_vpc_iam_bindings.py delete mode 100644 tests/modules/net_vpc/test_vpc_standalone.py delete mode 100644 tests/modules/net_vpc/test_vpc_subnets.py diff --git a/.ci/cloudbuild.test.yaml b/.ci/cloudbuild.test.yaml index 205565f834..8a5ef3c024 100644 --- a/.ci/cloudbuild.test.yaml +++ b/.ci/cloudbuild.test.yaml @@ -24,28 +24,18 @@ steps: unzip terraform_${_TERRAFORM_VERSION}_linux_amd64.zip -d /builder/home/.local/bin && rm terraform_${_TERRAFORM_VERSION}_linux_amd64.zip && chmod 755 /builder/home/.local/bin/terraform - # TODO(ludoo): reenable once development tests are ready # TODO(ludoo): add a step that detects change files and sets tests to run - # - name: python:3-alpine - # id: test-foundations - # entrypoint: pytest - # args: - # - -v - # - tests/foundations - # env: - # - PATH=/usr/local/bin:/usr/bin:/bin:/builder/home/.local/bin - # - name: python:3-alpine - # id: test-infrastructure - # entrypoint: pytest - # args: - # - -v - # - tests/infrastructure - # env: - # - PATH=/usr/local/bin:/usr/bin:/bin:/builder/home/.local/bin - # - PYTHONDONTWRITEBYTECODE=true + - name: python:3-alpine + id: test-modules + entrypoint: pytest + args: + - -v + - tests/modules + env: + - PATH=/usr/local/bin:/usr/bin:/bin:/builder/home/.local/bin substitutions: - _TERRAFORM_VERSION: 0.12.19 + _TERRAFORM_VERSION: 0.12.20 tags: - "ci" diff --git a/modules/compute-vm/README.md b/modules/compute-vm/README.md index a89582c079..d489e7cf9a 100644 --- a/modules/compute-vm/README.md +++ b/modules/compute-vm/README.md @@ -74,6 +74,8 @@ module "debian-test" { | *attached_disk_defaults* | Defaults for attached disks options. | object({...}) | | ... | | *attached_disks* | Additional disks, if options is null defaults will be used in its place. | list(object({...})) | | [] | | *boot_disk* | Boot disk properties. | object({...}) | | ... | +| *group* | Instance group (for instance use). | object({...}) | | null | +| *group_manager* | Instance group manager (for template use). | object({...}) | | null | | *hostname* | Instance FQDN name. | string | | null | | *instance_count* | Number of instances to create (only for non-template usage). | number | | 1 | | *instance_type* | Instance type. | string | | f1-micro | @@ -93,6 +95,8 @@ module "debian-test" { | name | description | sensitive | |---|---|:---:| | external_ips | Instance main interface external IP addresses. | | +| group | Instance group resource. | | +| group_manager | Instance group resource. | | | instances | Instance resources. | | | internal_ips | Instance main interface internal IP addresses. | | | names | Instance names. | | diff --git a/modules/compute-vm/instance_group.tf b/modules/compute-vm/instance_group.tf new file mode 100644 index 0000000000..17dcd44dbe --- /dev/null +++ b/modules/compute-vm/instance_group.tf @@ -0,0 +1,215 @@ +/** + * Copyright 2019 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +resource "google_compute_instance_group" "unmanaged" { + count = ( + var.group != null && ! var.use_instance_template ? 1 : 0 + ) + project = var.project_id + network = ( + length(var.network_interfaces) > 0 + ? var.network_interfaces.0.network + : "" + ) + zone = var.zone + name = var.name + description = "Terraform-managed." + instances = [ + for name, instance in google_compute_instance.default : instance.self_link + ] + dynamic named_port { + for_each = var.group.named_ports != null ? var.group.named_ports : {} + iterator = config + content { + name = config.key + port = config.value + } + } +} + +resource "google_compute_instance_group_manager" "managed" { + count = ( + var.group_manager != null && var.use_instance_template + ? var.group_manager.regional ? 0 : 1 + : 0 + ) + project = var.project_id + zone = var.zone + name = var.name + base_instance_name = var.name + description = "Terraform-managed." + target_size = var.group_manager.target_size + target_pools = ( + var.group_manager.options == null + ? null + : var.group_manager.options.target_pools + ) + wait_for_instances = ( + var.group_manager.options == null + ? null + : var.group_manager.options.wait_for_instances + ) + dynamic auto_healing_policies { + for_each = ( + var.group_manager.auto_healing_policies == null + ? [] + : [var.group_manager.auto_healing_policies] + ) + iterator = config + content { + health_check = config.value.health_check + initial_delay_sec = config.value.initial_delay_sec + } + } + dynamic update_policy { + for_each = ( + var.group_manager.update_policy == null + ? [] + : [var.group_manager.update_policy] + ) + iterator = config + content { + type = config.value.type + minimal_action = config.value.minimal_action + min_ready_sec = config.value.min_ready_sec + max_surge_fixed = ( + config.value.max_surge_type == "fixed" ? config.value.max_surge : null + ) + max_surge_percent = ( + config.value.max_surge_type == "percent" ? config.value.max_surge : null + ) + max_unavailable_fixed = ( + config.value.max_unavailable_type == "fixed" ? config.value.max_unavailable : null + ) + max_unavailable_percent = ( + config.value.max_unavailable_type == "percent" ? config.value.max_unavailable : null + ) + } + } + dynamic named_port { + for_each = var.group_manager.named_ports != null ? var.group_manager.named_ports : {} + iterator = config + content { + name = config.key + port = config.value + } + } + version { + name = "${var.name}-default" + instance_template = google_compute_instance_template.default.0.self_link + } + dynamic version { + for_each = ( + var.group_manager.versions == null ? [] : [var.group_manager.versions] + ) + iterator = config + content { + name = config.value.name + instance_template = config.value.instance_template + target_size { + fixed = config.value.target_type == "fixed" ? config.value.target_size : null + percent = config.value.target_type == "percent" ? config.value.target_size : null + } + } + } +} + +resource "google_compute_region_instance_group_manager" "managed" { + count = ( + var.group_manager != null && var.use_instance_template + ? var.group_manager.regional ? 1 : 0 + : 0 + ) + project = var.project_id + region = var.region + name = var.name + base_instance_name = var.name + description = "Terraform-managed." + target_size = var.group_manager.target_size + target_pools = ( + var.group_manager.options == null + ? null + : var.group_manager.options.target_pools + ) + wait_for_instances = ( + var.group_manager.options == null + ? null + : var.group_manager.options.wait_for_instances + ) + dynamic auto_healing_policies { + for_each = ( + var.group_manager.auto_healing_policies == null + ? [] + : [var.group_manager.auto_healing_policies] + ) + iterator = config + content { + health_check = config.value.health_check + initial_delay_sec = config.value.initial_delay_sec + } + } + dynamic update_policy { + for_each = ( + var.group_manager.update_policy == null + ? [] + : [var.group_manager.update_policy] + ) + iterator = config + content { + type = config.value.type + minimal_action = config.value.minimal_action + min_ready_sec = config.value.min_ready_sec + max_surge_fixed = ( + config.value.max_surge_type == "fixed" ? config.value.max_surge : null + ) + max_surge_percent = ( + config.value.max_surge_type == "percent" ? config.value.max_surge : null + ) + max_unavailable_fixed = ( + config.value.max_unavailable_type == "fixed" ? config.value.max_unavailable : null + ) + max_unavailable_percent = ( + config.value.max_unavailable_type == "percent" ? config.value.max_unavailable : null + ) + } + } + dynamic named_port { + for_each = var.group.named_ports + iterator = config + content { + name = config.key + port = config.value + } + } + version { + name = "${var.name}-default" + instance_template = google_compute_instance_template.default.0.self_link + } + dynamic version { + for_each = ( + var.group_manager.versions == null ? [] : [var.group_manager.versions] + ) + iterator = config + content { + name = config.value.name + instance_template = config.value.instance_template + target_size { + fixed = config.value.target_type == "fixed" ? config.value.target_size : null + percent = config.value.target_type == "percent" ? config.value.target_size : null + } + } + } +} diff --git a/modules/compute-vm/outputs.tf b/modules/compute-vm/outputs.tf index 05cd7a4602..d463594b62 100644 --- a/modules/compute-vm/outputs.tf +++ b/modules/compute-vm/outputs.tf @@ -26,6 +26,28 @@ output "external_ips" { ) } +output "group" { + description = "Instance group resource." + value = ( + length(google_compute_instance_group.unmanaged) > 0 + ? google_compute_instance_group.unmanaged.0 + : null + ) +} + +output "group_manager" { + description = "Instance group resource." + value = ( + length(google_compute_instance_group_manager.managed) > 0 + ? google_compute_instance_group_manager.managed.0 + : ( + length(google_compute_region_instance_group_manager.managed) > 0 + ? google_compute_region_instance_group_manager.managed.0 + : null + ) + ) +} + output "instances" { description = "Instance resources." value = [for name, instance in google_compute_instance.default : instance] diff --git a/modules/compute-vm/variables.tf b/modules/compute-vm/variables.tf index bf6cff3bb7..9e3aefcc35 100644 --- a/modules/compute-vm/variables.tf +++ b/modules/compute-vm/variables.tf @@ -60,6 +60,47 @@ variable "boot_disk" { } } +variable "group" { + description = "Instance group (for instance use)." + type = object({ + named_ports = map(number) + }) + default = null +} + +variable "group_manager" { + description = "Instance group manager (for template use)." + type = object({ + auto_healing_policies = object({ + health_check = string + initial_delay_sec = number + }) + named_ports = map(number) + options = object({ + target_pools = list(string) + wait_for_instances = bool + }) + regional = bool + target_size = number + update_policy = object({ + type = string # OPPORTUNISTIC | PROACTIVE + minimal_action = string # REPLACE | RESTART + min_ready_sec = number + max_surge_type = string # fixed | percent + max_surge = number + max_unavailable_type = string + max_unavailable = number + }) + versions = list(object({ + name = string + instance_template = string + target_type = string # fixed | percent + target_size = number + })) + }) + default = null +} + variable "hostname" { description = "Instance FQDN name." type = string diff --git a/modules/dns/main.tf b/modules/dns/main.tf index 1f332ff3ac..f7a2b7b70f 100644 --- a/modules/dns/main.tf +++ b/modules/dns/main.tf @@ -16,7 +16,7 @@ locals { is_static_zone = var.type == "public" || var.type == "private" - recordsets = { + recordsets = var.recordsets == null ? {} : { for record in var.recordsets : join("/", [record.name, record.type]) => record } @@ -35,7 +35,11 @@ resource "google_dns_managed_zone" "non-public" { visibility = "private" dynamic forwarding_config { - for_each = var.type == "forwarding" ? { config = var.forwarders } : {} + for_each = ( + var.type == "forwarding" && var.forwarders != null + ? { config = var.forwarders } + : {} + ) iterator = config content { dynamic "target_name_servers" { @@ -49,7 +53,11 @@ resource "google_dns_managed_zone" "non-public" { } dynamic peering_config { - for_each = var.type == "peering" ? { config = var.peer_network } : {} + for_each = ( + var.type == "peering" && var.peer_network != null + ? { config = var.peer_network } + : {} + ) iterator = config content { target_network { @@ -104,7 +112,11 @@ resource "google_dns_managed_zone" "public" { } resource "google_dns_record_set" "cloud-static-records" { - for_each = local.recordsets + for_each = ( + var.type == "public" || var.type == "private" + ? local.recordsets + : {} + ) project = var.project_id managed_zone = var.name name = each.value.name != "" ? "${each.value.name}.${var.domain}" : var.domain diff --git a/modules/dns/variables.tf b/modules/dns/variables.tf index c15e81b372..0991038c0e 100644 --- a/modules/dns/variables.tf +++ b/modules/dns/variables.tf @@ -56,6 +56,7 @@ variable "domain" { type = string } +# TODO(ludoo): add support for forwarding path attribute variable "forwarders" { description = "List of target name servers, only valid for 'forwarding' zone types." type = list(string) diff --git a/tests/__init__.py b/tests/__init__.py index 35dff2e86e..6913f02e36 100644 --- a/tests/__init__.py +++ b/tests/__init__.py @@ -1,14 +1,13 @@ -# Copyright 2019 Google LLC -# +# Copyright 2020 Google LLC +# # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # -# https://www.apache.org/licenses/LICENSE-2.0 +# http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - diff --git a/tests/conftest.py b/tests/conftest.py index 81402b8ed2..1bfedb180b 100644 --- a/tests/conftest.py +++ b/tests/conftest.py @@ -1,10 +1,10 @@ -# Copyright 2019 Google LLC +# Copyright 2020 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # -# https://www.apache.org/licenses/LICENSE-2.0 +# http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, @@ -12,82 +12,29 @@ # See the License for the specific language governing permissions and # limitations under the License. -"Shared fixtures." +"Shared fixtures" -import collections import os - import pytest import tftest -# top-level repository folder -_BASEDIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) - -# fixture result -Result = collections.namedtuple( - 'Result', 'terraform plan output destroy') +BASEDIR = os.path.dirname(os.path.dirname(__file__)) @pytest.fixture(scope='session') -def plan(): +def plan_runner(): + "Returns a function to run Terraform plan on a fixture." - def run_plan(testdir): - tfdir = testdir.replace('_', '-') - tf = tftest.TerraformTest(tfdir, _BASEDIR, + def run_plan(fixture_path, **tf_vars): + "Runs Terraform plan and returns parsed output" + tf = tftest.TerraformTest(fixture_path, BASEDIR, os.environ.get('TERRAFORM', 'terraform')) - tf.setup(extra_files=['tests/{}/terraform.tfvars'.format(testdir)]) - return tf.plan(output=True) + tf.setup() + plan = tf.plan(output=True, tf_vars=tf_vars) + return ( + plan, + plan.planned_values['root_module']['child_modules'][0]['resources'] + ) return run_plan - - -@pytest.fixture(scope='session') -def run_fixture(): - "Returns a function to run Terraform on a fixture." - - def run(fixture_path, extra_files=None, run_plan=True, run_apply=True, - run_destroy=not os.environ.get('TFTEST_INCREMENTAL')): - """Runs Terraform on fixture and return result. - - Convenience method to wrap a tftest instance for a single fixture. Runs - init on the tftest instance and optionally runs plan, aply and destroy, - returning outputs. - - Args: - fixture_path: the relative path from root to the fixture folder - extra_files: extra files that are passed in to tftest for injection - run_plan: run plan on the tftest instance - run_apply: run apply on the tftest instance - run_destroy: run destroy on the tftest instance, skips destroy by - default if the TFTEST_INCREMENTAL environment variable is set - - Returns: - A Result named tuple with the tftest instance and outputs for plan, - output and destroy. - """ - tf = tftest.TerraformTest(fixture_path, _BASEDIR, - os.environ.get('TERRAFORM', 'terraform')) - tf.setup(extra_files=extra_files, cleanup_on_exit=run_destroy) - plan = output = destroy = None - if run_plan: - plan = tf.plan(output=True) - if run_apply: - tf.apply() - output = tf.output(json_format=True) - if run_destroy: - tf.destroy() - return Result(tf, plan, output, destroy) - - return run - - -@pytest.fixture -def pretty_print(): - "Returns a fuction that pretty prints a data structure." - - def pretty_printer(data): - import json - print(json.dumps(data, indent=2)) - - return pretty_printer diff --git a/tests/foundations/__init__.py b/tests/foundations/__init__.py deleted file mode 100644 index 35dff2e86e..0000000000 --- a/tests/foundations/__init__.py +++ /dev/null @@ -1,14 +0,0 @@ -# Copyright 2019 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - diff --git a/tests/foundations/business_units/__init__.py b/tests/foundations/business_units/__init__.py deleted file mode 100644 index 47be2ee286..0000000000 --- a/tests/foundations/business_units/__init__.py +++ /dev/null @@ -1,13 +0,0 @@ -# Copyright 2019 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. diff --git a/tests/foundations/business_units/conftest.py b/tests/foundations/business_units/conftest.py deleted file mode 100644 index cb648e15af..0000000000 --- a/tests/foundations/business_units/conftest.py +++ /dev/null @@ -1,27 +0,0 @@ -# Copyright 2019 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -"Plan fixture." - -import os - -import pytest - - -_TFDIR = os.path.sep.join(os.path.abspath(__file__).split(os.path.sep)[-3:-1]) - - -@pytest.fixture(scope='package') -def plan(plan): - return plan(_TFDIR) diff --git a/tests/foundations/business_units/terraform.tfvars b/tests/foundations/business_units/terraform.tfvars deleted file mode 100644 index 199cdc94d9..0000000000 --- a/tests/foundations/business_units/terraform.tfvars +++ /dev/null @@ -1,9 +0,0 @@ -billing_account_id = "012345-ABCDEF-012345" -business_unit_1_name = "infra" -business_unit_2_name = "analytics" -business_unit_3_name = "data" -environments = ["dev", "test"] -generate_service_account_keys = true -organization_id = "012345678919" -prefix = "fabric-org-env-3" -root_node = "folders/0123456789" diff --git a/tests/foundations/business_units/test_folders.py b/tests/foundations/business_units/test_folders.py deleted file mode 100644 index 2064922b3c..0000000000 --- a/tests/foundations/business_units/test_folders.py +++ /dev/null @@ -1,42 +0,0 @@ -# Copyright 2019 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -"Test shared and business-units folders" - - -import pytest - - -def test_shared_folder(plan): - "Shared folder resource attributes must match variables." - root_node = plan.variables['root_node'] - resource = plan.modules['module.shared-folder'].resources['google_folder.folders[0]'] - assert resource['values']['parent'] == root_node - assert resource['values']['display_name'] == 'shared' - - -def test_business_unit_folders(plan): - "Business Unit folder resource attributes must match variables." - address_tpl = ( - 'module.business-unit-%s-folders.module.business-unit-folder' - '.google_folder.folders[0]' - ) - count = range(1, 4) - business_unit_names = [ - plan.variables['business_unit_%s_name' % i] for i in count] - root_node = plan.variables['root_node'] - for address in [address_tpl % i for i in count]: - resource = plan.resource_changes[address] - assert resource['change']['after']['parent'] == root_node - assert resource['change']['after']['display_name'] in business_unit_names diff --git a/tests/foundations/business_units/test_outputs.py b/tests/foundations/business_units/test_outputs.py deleted file mode 100644 index c485b2e8c7..0000000000 --- a/tests/foundations/business_units/test_outputs.py +++ /dev/null @@ -1,48 +0,0 @@ -# Copyright 2019 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -"Test root module outputs." - - -def test_project_ids(plan): - "Project ids should use prefix and match expected values." - prefix = plan.variables['prefix'] - assert plan.outputs['audit_logs_project'] == '%s-audit' % prefix - assert plan.outputs['shared_resources_project'] == '%s-shared' % prefix - assert plan.outputs['terraform_project'] == '%s-terraform' % prefix - - -def test_bucket_names(plan): - "GCS bucket names should use prefix and location and match expected values." - location = plan.variables['gcs_location'].lower() - prefix = plan.variables['prefix'] - bootstrap_bucket = plan.outputs['bootstrap_tf_gcs_bucket'] - assert bootstrap_bucket.startswith(prefix) - assert bootstrap_bucket.endswith('tf-bootstrap') - assert '-%s-' % location in bootstrap_bucket - - -def test_environment_buckets(plan): - "One GCS bucket should be created for each environment." - buckets = plan.outputs['environment_tf_gcs_buckets'] - for environment in plan.variables['environments']: - assert environment in buckets - assert buckets[environment].endswith(environment) - - -def test_bq_dataset(plan): - "Bigquery dataset name should be based on root node type and id." - node_type, node_id = plan.variables['root_node'].split('/') - assert plan.outputs['audit_logs_bq_dataset'] == 'logs_audit_%s_%s' % ( - node_type[:-1], node_id) diff --git a/tests/foundations/business_units/test_projects.py b/tests/foundations/business_units/test_projects.py deleted file mode 100644 index 23194afa55..0000000000 --- a/tests/foundations/business_units/test_projects.py +++ /dev/null @@ -1,46 +0,0 @@ -# Copyright 2019 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -"Test project creation in root module." - - -import pytest - - -@pytest.fixture(scope='module') -def project_modules(plan): - names = ['module.project-%s' % - name for name in ('audit', 'shared-resources', 'tf')] - return dict((name, plan.modules[name]) for name in names) - - -def test_project_resource(plan, project_modules): - "Project resource attributes must match variables." - names = ('shared', 'terraform', 'audit') - prefix = plan.variables['prefix'] - billing_account = plan.variables['billing_account_id'] - project_names = ['%s-%s' % (prefix, name) for name in names] - for mod in project_modules.values(): - resource = mod.resources['google_project.project'] - assert resource['values']['billing_account'] == billing_account - assert resource['values']['name'] in project_names - - -def test_project_services(plan, project_modules): - "Project service resource must enable APIs specified in the variable." - num_services = len(plan.variables['project_services']) - for mod in project_modules.values(): - project_services = [r for r in mod.resources if r.startswith( - 'google_project_service.project_services')] - assert len(project_services) >= num_services diff --git a/tests/foundations/business_units/test_service_accounts.py b/tests/foundations/business_units/test_service_accounts.py deleted file mode 100644 index 65640f1a20..0000000000 --- a/tests/foundations/business_units/test_service_accounts.py +++ /dev/null @@ -1,34 +0,0 @@ -# Copyright 2019 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -"Test service account creation in root module." - - -import pytest - - -@pytest.fixture(scope='module') -def mod(plan): - return plan.modules['module.service-accounts-tf-environments'] - - -def test_accounts(plan, mod): - "One service account per environment should be created." - environments = plan.variables['environments'] - prefix = plan.variables['prefix'] - resources = [ - v for k, v in mod.resources.items() if 'google_service_account.' in k] - assert len(resources) == len(environments) - assert sorted([res['values']['account_id'] for res in resources]) == sorted([ - '%s-%s' % (prefix, env) for env in environments]) diff --git a/tests/foundations/environments/__init__.py b/tests/foundations/environments/__init__.py deleted file mode 100644 index 35dff2e86e..0000000000 --- a/tests/foundations/environments/__init__.py +++ /dev/null @@ -1,14 +0,0 @@ -# Copyright 2019 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - diff --git a/tests/foundations/environments/conftest.py b/tests/foundations/environments/conftest.py deleted file mode 100644 index cb648e15af..0000000000 --- a/tests/foundations/environments/conftest.py +++ /dev/null @@ -1,27 +0,0 @@ -# Copyright 2019 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -"Plan fixture." - -import os - -import pytest - - -_TFDIR = os.path.sep.join(os.path.abspath(__file__).split(os.path.sep)[-3:-1]) - - -@pytest.fixture(scope='package') -def plan(plan): - return plan(_TFDIR) diff --git a/tests/foundations/environments/terraform.tfvars b/tests/foundations/environments/terraform.tfvars deleted file mode 100644 index acc2a16bf6..0000000000 --- a/tests/foundations/environments/terraform.tfvars +++ /dev/null @@ -1,7 +0,0 @@ -billing_account_id = "012345-ABCDEF-012345" -environments = ["dev", "test"] -generate_service_account_keys = true -grant_xpn_roles = true -organization_id = "012345678919" -prefix = "fabric-org-env-3" -root_node = "folders/0123456789" diff --git a/tests/foundations/environments/test_outputs.py b/tests/foundations/environments/test_outputs.py deleted file mode 100644 index 64f3ca3911..0000000000 --- a/tests/foundations/environments/test_outputs.py +++ /dev/null @@ -1,47 +0,0 @@ -# Copyright 2019 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -"Test root module outputs." - - -def test_project_ids(plan): - "Project ids should use prefix and match expected values." - prefix = plan.variables['prefix'] - assert plan.outputs['audit_logs_project'] == prefix + '-audit' - assert plan.outputs['shared_resources_project'] == prefix + '-shared' - assert plan.outputs['terraform_project'] == prefix + '-terraform' - - -def test_bucket_names(plan): - "GCS bucket names should use prefix and location and match expected values." - location = plan.variables['gcs_location'].lower() - prefix = plan.variables['prefix'] - bootstrap_bucket = plan.outputs['bootstrap_tf_gcs_bucket'] - assert bootstrap_bucket.startswith(prefix) - assert bootstrap_bucket.endswith('tf-bootstrap') - assert '-%s-' % location in bootstrap_bucket - - -def test_environment_buckets(plan): - "One GCS bucket should be created for each environment." - buckets = plan.outputs['environment_tf_gcs_buckets'] - for environment in plan.variables['environments']: - assert environment in buckets - assert buckets[environment].endswith(environment) - - -def test_bq_dataset(plan): - "Bigquery dataset should be named after the first environment." - assert plan.outputs['audit_logs_bq_dataset'].endswith( - plan.variables['environments'][0]) diff --git a/tests/foundations/environments/test_projects.py b/tests/foundations/environments/test_projects.py deleted file mode 100644 index 26d30639aa..0000000000 --- a/tests/foundations/environments/test_projects.py +++ /dev/null @@ -1,44 +0,0 @@ -# Copyright 2019 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -"Test project creation in root module." - - -import pytest - - -@pytest.fixture(scope='module') -def project_modules(plan): - names = ['module.project-%s' % - name for name in ('audit', 'shared-resources', 'tf')] - return dict((name, plan.modules[name]) for name in names) - - -def test_project_resource(plan, project_modules): - "Project resource attributes must match variables." - root_node = plan.variables['root_node'].split('/')[1] - billing_account = plan.variables['billing_account_id'] - for name, mod in project_modules.items(): - resource = mod.resources['google_project.project'] - assert resource['values']['folder_id'] == root_node - assert resource['values']['billing_account'] == billing_account - - -def test_project_services(plan, project_modules): - "Project service resource must enable APIs specified in the variable." - num_services = len(plan.variables['project_services']) - for mod in project_modules.values(): - project_services = [r for r in mod.resources if r.startswith( - 'google_project_service.project_services')] - assert len(project_services) >= num_services diff --git a/tests/foundations/environments/test_service_accounts.py b/tests/foundations/environments/test_service_accounts.py deleted file mode 100644 index 65640f1a20..0000000000 --- a/tests/foundations/environments/test_service_accounts.py +++ /dev/null @@ -1,34 +0,0 @@ -# Copyright 2019 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -"Test service account creation in root module." - - -import pytest - - -@pytest.fixture(scope='module') -def mod(plan): - return plan.modules['module.service-accounts-tf-environments'] - - -def test_accounts(plan, mod): - "One service account per environment should be created." - environments = plan.variables['environments'] - prefix = plan.variables['prefix'] - resources = [ - v for k, v in mod.resources.items() if 'google_service_account.' in k] - assert len(resources) == len(environments) - assert sorted([res['values']['account_id'] for res in resources]) == sorted([ - '%s-%s' % (prefix, env) for env in environments]) diff --git a/tests/infrastructure/hub_and_spoke_vpns/conftest.py b/tests/infrastructure/hub_and_spoke_vpns/conftest.py deleted file mode 100644 index cb648e15af..0000000000 --- a/tests/infrastructure/hub_and_spoke_vpns/conftest.py +++ /dev/null @@ -1,27 +0,0 @@ -# Copyright 2019 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -"Plan fixture." - -import os - -import pytest - - -_TFDIR = os.path.sep.join(os.path.abspath(__file__).split(os.path.sep)[-3:-1]) - - -@pytest.fixture(scope='package') -def plan(plan): - return plan(_TFDIR) diff --git a/tests/infrastructure/hub_and_spoke_vpns/terraform.tfvars b/tests/infrastructure/hub_and_spoke_vpns/terraform.tfvars deleted file mode 100644 index cfe767c3d3..0000000000 --- a/tests/infrastructure/hub_and_spoke_vpns/terraform.tfvars +++ /dev/null @@ -1,3 +0,0 @@ -hub_project_id = "automation-examples" -spoke_1_project_id = "automation-examples" -spoke_2_project_id = "automation-examples" diff --git a/tests/infrastructure/hub_and_spoke_vpns/test_cloud_routers.py b/tests/infrastructure/hub_and_spoke_vpns/test_cloud_routers.py deleted file mode 100644 index 8a3dd77a9c..0000000000 --- a/tests/infrastructure/hub_and_spoke_vpns/test_cloud_routers.py +++ /dev/null @@ -1,38 +0,0 @@ -# Copyright 2019 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -"Test cloud routers resources creation in root module." - - -def test_hub_custom_routers(plan): - "Hub to spoke routers should match input variables." - for i in (1, 2): - router = plan.resources['google_compute_router.hub-to-spoke-%s-custom[0]' % i] - bgp = router['values']['bgp'][0] - assert bgp['advertise_mode'] == 'CUSTOM' - assert bgp['advertised_groups'] == ['ALL_SUBNETS'] - assert bgp['asn'] == plan.variables['hub_bgp_asn'] - subnet_ranges = [s['subnet_ip'] - for s in plan.variables['spoke_%s_subnets' % (3 - i)]] - assert [r['range'] for r in bgp['advertised_ip_ranges']] == subnet_ranges - - -def test_spoke_routers(plan): - "Spoke routers should match input variables." - for i in (1, 2): - router = plan.resources['google_compute_router.spoke-%s' % i] - bgp = router['values']['bgp'][0] - assert bgp['advertise_mode'] == 'DEFAULT' - assert bgp['advertised_groups'] == None - assert bgp['asn'] == plan.variables['spoke_%s_bgp_asn' % i] diff --git a/tests/infrastructure/hub_and_spoke_vpns/test_firewall.py b/tests/infrastructure/hub_and_spoke_vpns/test_firewall.py deleted file mode 100644 index cbba86f9b9..0000000000 --- a/tests/infrastructure/hub_and_spoke_vpns/test_firewall.py +++ /dev/null @@ -1,37 +0,0 @@ -# Copyright 2019 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -"Test firewall resources creation in root module." - - -import pytest - - -@pytest.fixture(scope='module') -def firewall_modules(plan): - return [v for k, v in plan.modules.items() if k.startswith('module.firewall-')] - - -def test_firewall_rules(plan, firewall_modules): - "Test that the hub and spoke VPCs have allow-admin firewall rules" - source_ranges = [] - for k in plan.variables: - if not k.endswith('_subnets'): - continue - source_ranges += [s['subnet_ip'] for s in plan.variables[k]] - for mod in firewall_modules: - allow_admins_resource = mod.resources['google_compute_firewall.allow-admins[0]'] - allow_ssh = mod.resources['google_compute_firewall.allow-tag-ssh[0]'] - assert allow_admins_resource['values']['source_ranges'] == source_ranges - assert allow_ssh['values']['source_ranges'] == ['0.0.0.0/0'] diff --git a/tests/infrastructure/hub_and_spoke_vpns/test_outputs.py b/tests/infrastructure/hub_and_spoke_vpns/test_outputs.py deleted file mode 100644 index 819c0d3610..0000000000 --- a/tests/infrastructure/hub_and_spoke_vpns/test_outputs.py +++ /dev/null @@ -1,34 +0,0 @@ -# Copyright 2019 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -"Test root module outputs." - - -def test_hub_outputs(plan): - "Hub VPC ranges and regions should match input variables." - output = plan.outputs['hub'] - for subnet in plan.variables['hub_subnets']: - name = subnet['subnet_name'] - assert output['subnets_ips'][name] == subnet['subnet_ip'] - assert output['subnets_regions'][name] == subnet['subnet_region'] - - -def test_spokes_outputs(plan): - "Spokes VPC ranges and regions should match input variables." - for i in (1, 2): - output = plan.outputs['spoke-%s' % i] - for subnet in plan.variables['spoke_%s_subnets' % i]: - name = subnet['subnet_name'] - assert output['subnets_ips'][name] == subnet['subnet_ip'] - assert output['subnets_regions'][name] == subnet['subnet_region'] diff --git a/tests/infrastructure/hub_and_spoke_vpns/test_vpns.py b/tests/infrastructure/hub_and_spoke_vpns/test_vpns.py deleted file mode 100644 index 5cd0697b5f..0000000000 --- a/tests/infrastructure/hub_and_spoke_vpns/test_vpns.py +++ /dev/null @@ -1,35 +0,0 @@ -# Copyright 2019 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -"Test VPN BGP ASNs in root module." - - -import pytest - - -def test_spokes_peer_asn(plan): - "Test that the spoke-to-hub VPNs mach input variables" - mods = [v for k, v in plan.modules.items() if k.startswith('module.vpn-spoke')] - for mod in mods: - bgp_peer = mod.resources['google_compute_router_peer.bgp_peer[0]'] - assert bgp_peer['values']['peer_asn'] == plan.variables['hub_bgp_asn'] - - -def test_hub_peer_asns(plan): - "Test that the hub-to-spoke VPNs mach input variables" - mods = [v for k, v in plan.modules.items() if k.startswith('module.vpn-hub')] - for mod in mods: - bgp_peer = mod.resources['google_compute_router_peer.bgp_peer[0]'] - asn_varname = 'spoke_%s_bgp_asn' % mod['address'][-1] - assert bgp_peer['values']['peer_asn'] == plan.variables[asn_varname] diff --git a/tests/infrastructure/shared_vpc/conftest.py b/tests/infrastructure/shared_vpc/conftest.py deleted file mode 100644 index cb648e15af..0000000000 --- a/tests/infrastructure/shared_vpc/conftest.py +++ /dev/null @@ -1,27 +0,0 @@ -# Copyright 2019 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -"Plan fixture." - -import os - -import pytest - - -_TFDIR = os.path.sep.join(os.path.abspath(__file__).split(os.path.sep)[-3:-1]) - - -@pytest.fixture(scope='package') -def plan(plan): - return plan(_TFDIR) diff --git a/tests/infrastructure/shared_vpc/terraform.tfvars b/tests/infrastructure/shared_vpc/terraform.tfvars deleted file mode 100644 index 4514993ff3..0000000000 --- a/tests/infrastructure/shared_vpc/terraform.tfvars +++ /dev/null @@ -1,4 +0,0 @@ -root_node = "folders/1234567890" -prefix = "fabric-svpc" -billing_account_id = "012345-012345-012345" -owners_gce = ["user:user@example.com"] diff --git a/tests/infrastructure/shared_vpc/test_outputs.py b/tests/infrastructure/shared_vpc/test_outputs.py deleted file mode 100644 index c8ca16ede4..0000000000 --- a/tests/infrastructure/shared_vpc/test_outputs.py +++ /dev/null @@ -1,29 +0,0 @@ -# Copyright 2019 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -"Test root module outputs." - - -def test_vpc_ranges(plan): - "VPC ranges should match input variables." - ranges = plan.outputs['vpc_subnets'] - for subnet in plan.variables['subnets']: - assert ranges[subnet['subnet_name']] == subnet['subnet_ip'] - - -def test_project_ids(plan): - "Project ids should use prefix and match expected values." - prefix = plan.variables['prefix'] - assert plan.outputs['host_project_id'] == prefix + '-vpc-host' - assert plan.outputs['service_project_ids']['gce'] == prefix + '-gce' diff --git a/tests/infrastructure/shared_vpc/test_svpc_resources.py b/tests/infrastructure/shared_vpc/test_svpc_resources.py deleted file mode 100644 index 1e7816069c..0000000000 --- a/tests/infrastructure/shared_vpc/test_svpc_resources.py +++ /dev/null @@ -1,62 +0,0 @@ -# Copyright 2019 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -"Test shared vpc resources in root module." - - -import pytest - - -@pytest.fixture(scope='module') -def mod(plan): - return plan.modules['module.net-svpc-access'] - - -def test_host_vpc(plan): - "Test that the vpc project is set as shared vpc host." - mod = plan.modules['module.net-vpc-host'] - resources = [v['values'] for v in mod.resources.values() if v['type'] == - 'google_compute_shared_vpc_host_project'] - assert resources[0]['project'] == plan.outputs['host_project_id'] - - -def test_service_projects(plan, mod): - "Test that service projects are registered with the shared vpc." - resources = [v['values'] for v in mod.resources.values() if v['type'] == - 'google_compute_shared_vpc_service_project'] - assert len(resources) == 2 - assert set([r['host_project'] for r in resources]) == set( - [plan.outputs['host_project_id']]) - assert sorted([r['service_project'] for r in resources]) == sorted( - plan.outputs['service_project_ids'].values()) - - -def test_subnet_users(plan, mod): - "Test that the network user role is assigned on subnets." - resources = [v['values'] for v in mod.resources.values() if v['type'] == - 'google_compute_subnetwork_iam_binding'] - assert len(resources) == 2 - assert set([r['project'] for r in resources]) == set( - [plan.outputs['host_project_id']]) - assert sorted([r['subnetwork'] for r in resources]) == ['gce', 'gke'] - - -def test_service_agent(plan, mod): - "Test that the service agent role is assigned for gke only." - resources = [v['values'] for v in mod.resources.values() if v['type'] == - 'google_project_iam_binding'] - assert resources[0] == { - 'project': plan.outputs['host_project_id'], - 'role': 'roles/container.hostServiceAgentUser' - } diff --git a/tests/infrastructure/hub_and_spoke_vpns/__init__.py b/tests/modules/__init__.py similarity index 86% rename from tests/infrastructure/hub_and_spoke_vpns/__init__.py rename to tests/modules/__init__.py index 086a24e64e..6913f02e36 100644 --- a/tests/infrastructure/hub_and_spoke_vpns/__init__.py +++ b/tests/modules/__init__.py @@ -1,10 +1,10 @@ -# Copyright 2019 Google LLC +# Copyright 2020 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # -# https://www.apache.org/licenses/LICENSE-2.0 +# http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, diff --git a/tests/infrastructure/__init__.py b/tests/modules/compute_vm/__init__.py similarity index 86% rename from tests/infrastructure/__init__.py rename to tests/modules/compute_vm/__init__.py index 086a24e64e..6913f02e36 100644 --- a/tests/infrastructure/__init__.py +++ b/tests/modules/compute_vm/__init__.py @@ -1,10 +1,10 @@ -# Copyright 2019 Google LLC +# Copyright 2020 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # -# https://www.apache.org/licenses/LICENSE-2.0 +# http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, diff --git a/tests/modules/compute_vm/fixture/main.tf b/tests/modules/compute_vm/fixture/main.tf new file mode 100644 index 0000000000..4f4b3b36d2 --- /dev/null +++ b/tests/modules/compute_vm/fixture/main.tf @@ -0,0 +1,34 @@ +/** + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +module "test" { + source = "../../../../modules/compute-vm" + project_id = "my-project" + region = "europe-west1" + zone = "europe-west1-b" + name = "test" + network_interfaces = [{ + network = "https://www.googleapis.com/compute/v1/projects/my-project/global/networks/default", + subnetwork = "https://www.googleapis.com/compute/v1/projects/my-project/regions/europe-west1/subnetworks/default-default", + nat = false, + addresses = null + }] + service_account_create = var.service_account_create + instance_count = var.instance_count + use_instance_template = var.use_instance_template + group = var.group + group_manager = var.group_manager +} diff --git a/tests/modules/compute_vm/fixture/variables.tf b/tests/modules/compute_vm/fixture/variables.tf new file mode 100644 index 0000000000..7b2b9aad23 --- /dev/null +++ b/tests/modules/compute_vm/fixture/variables.tf @@ -0,0 +1,40 @@ +/** + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +variable "group" { + type = any + default = null +} + +variable "group_manager" { + type = any + default = null +} + +variable "instance_count" { + type = number + default = 1 +} + +variable "use_instance_template" { + type = bool + default = false +} + +variable "service_account_create" { + type = bool + default = false +} diff --git a/tests/modules/compute_vm/test_plan.py b/tests/modules/compute_vm/test_plan.py new file mode 100644 index 0000000000..009309984c --- /dev/null +++ b/tests/modules/compute_vm/test_plan.py @@ -0,0 +1,46 @@ +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +import os +import pytest + + +FIXTURES_DIR = os.path.join(os.path.dirname(__file__), 'fixture') + + +def test_single_instance(plan_runner): + plan, resources = plan_runner(FIXTURES_DIR) + assert len(resources) == 1 + assert resources[0]['type'] == 'google_compute_instance' + + +def test_multiple_instances(plan_runner): + plan, resources = plan_runner(FIXTURES_DIR, instance_count=2) + assert len(resources) == 2 + assert set(r['type'] for r in resources) == set(['google_compute_instance']) + + +def test_service_account(plan_runner): + plan, resources = plan_runner(FIXTURES_DIR, instance_count=2, + service_account_create='true') + assert len(resources) == 3 + assert 'google_service_account' in [r['type'] for r in resources] + + +def test_template(plan_runner): + plan, resources = plan_runner(FIXTURES_DIR, use_instance_template='true') + assert len(resources) == 1 + assert resources[0]['type'] == 'google_compute_instance_template' + assert resources[0]['values']['name_prefix'] == 'test-' diff --git a/tests/modules/compute_vm/test_plan_group.py b/tests/modules/compute_vm/test_plan_group.py new file mode 100644 index 0000000000..de198d731c --- /dev/null +++ b/tests/modules/compute_vm/test_plan_group.py @@ -0,0 +1,44 @@ +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +import os +import pytest + + +FIXTURES_DIR = os.path.join(os.path.dirname(__file__), 'fixture') + + +def test_unmanaged(plan_runner): + plan, resources = plan_runner(FIXTURES_DIR, instance_count=2, + group='{named_ports={}}') + assert len(resources) == 3 + assert set(r['type'] for r in resources) == set([ + 'google_compute_instance_group', 'google_compute_instance' + ]) + + +def test_managed(plan_runner): + plan, resources = plan_runner( + FIXTURES_DIR, use_instance_template='true', group_manager=( + '{ ' + 'auto_healing_policies=null, named_ports={}, options=null, ' + 'regional=false, target_size=1, update_policy=null, versions=null' + ' }' + ) + ) + assert len(resources) == 2 + assert set(r['type'] for r in resources) == set([ + 'google_compute_instance_group_manager', 'google_compute_instance_template' + ]) diff --git a/tests/infrastructure/shared_vpc/__init__.py b/tests/modules/dns/__init__.py similarity index 86% rename from tests/infrastructure/shared_vpc/__init__.py rename to tests/modules/dns/__init__.py index 086a24e64e..6913f02e36 100644 --- a/tests/infrastructure/shared_vpc/__init__.py +++ b/tests/modules/dns/__init__.py @@ -1,10 +1,10 @@ -# Copyright 2019 Google LLC +# Copyright 2020 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # -# https://www.apache.org/licenses/LICENSE-2.0 +# http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, diff --git a/tests/modules/dns/fixture/main.tf b/tests/modules/dns/fixture/main.tf new file mode 100644 index 0000000000..8f6bd0a773 --- /dev/null +++ b/tests/modules/dns/fixture/main.tf @@ -0,0 +1,29 @@ +/** + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +module "test" { + source = "../../../../modules/dns" + project_id = "my-project" + name = "test" + domain = "test.example." + client_networks = [ + "https://www.googleapis.com/compute/v1/projects/my-project/global/networks/default" + ] + type = var.type + forwarders = var.forwarders + peer_network = var.peer_network + recordsets = var.recordsets +} diff --git a/tests/modules/dns/fixture/variables.tf b/tests/modules/dns/fixture/variables.tf new file mode 100644 index 0000000000..a00eaeae15 --- /dev/null +++ b/tests/modules/dns/fixture/variables.tf @@ -0,0 +1,43 @@ +/** + * Copyright 2020 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +variable "forwarders" { + type = list(string) + default = null +} + +variable "peer_network" { + type = string + default = null +} + +variable "recordsets" { + type = list(object({ + name = string + type = string + ttl = number + records = list(string) + })) + default = [ + { name = "localhost", type = "A", ttl = 300, records = ["127.0.0.1"] }, + { name = "local-host", type = "A", ttl = 300, records = ["127.0.0.2"] } + ] +} + +variable "type" { + type = string + default = "private" +} diff --git a/tests/modules/dns/test_plan.py b/tests/modules/dns/test_plan.py new file mode 100644 index 0000000000..135adc95fe --- /dev/null +++ b/tests/modules/dns/test_plan.py @@ -0,0 +1,80 @@ +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +import os +import pytest + + +FIXTURES_DIR = os.path.join(os.path.dirname(__file__), 'fixture') + + +def test_private(plan_runner): + "Test private zone with two recordsets." + _, resources = plan_runner(FIXTURES_DIR) + assert len(resources) == 3 + assert set(r['type'] for r in resources) == set([ + 'google_dns_record_set', 'google_dns_managed_zone' + ]) + for r in resources: + if r['type'] != 'google_dns_managed_zone': + continue + assert r['values']['visibility'] == 'private' + assert len(r['values']['private_visibility_config']) == 1 + + +def test_forwarding_recordsets_null_forwarders(plan_runner): + "Test forwarding zone with wrong set of attributes does not break." + _, resources = plan_runner(FIXTURES_DIR, type='forwarding') + assert len(resources) == 1 + resource = resources[0] + assert resource['type'] == 'google_dns_managed_zone' + assert resource['values']['forwarding_config'] == [] + + +def test_forwarding(plan_runner): + "Test forwarding zone with single forwarder." + _, resources = plan_runner( + FIXTURES_DIR, type='forwarding', recordsets='null', + forwarders='["dummy-vpc-self-link"]') + assert len(resources) == 1 + resource = resources[0] + assert resource['type'] == 'google_dns_managed_zone' + assert resource['values']['forwarding_config'] == [{'target_name_servers': [ + {'forwarding_path': '', 'ipv4_address': 'dummy-vpc-self-link'}]}] + + +def test_peering(plan_runner): + "Test peering zone." + _, resources = plan_runner(FIXTURES_DIR, type='peering', + recordsets='null', peer_network='dummy-vpc-self-link') + assert len(resources) == 1 + resource = resources[0] + assert resource['type'] == 'google_dns_managed_zone' + assert resource['values']['peering_config'] == [ + {'target_network': [{'network_url': 'dummy-vpc-self-link'}]}] + + +def test_public(plan_runner): + "Test public zone with two recordsets." + _, resources = plan_runner(FIXTURES_DIR, type='public') + assert len(resources) == 3 + assert set(r['type'] for r in resources) == set([ + 'google_dns_record_set', 'google_dns_managed_zone' + ]) + for r in resources: + if r['type'] != 'google_dns_managed_zone': + continue + assert r['values']['visibility'] == 'public' + assert r['values']['private_visibility_config'] == [] diff --git a/tests/modules/logging_sinks/fixtures/test_variable/main.tf b/tests/modules/logging_sinks/fixtures/test_variable/main.tf deleted file mode 100644 index 2d613e5598..0000000000 --- a/tests/modules/logging_sinks/fixtures/test_variable/main.tf +++ /dev/null @@ -1,76 +0,0 @@ -/** - * Copyright 2019 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -module "sinks" { - source = "../../../../../modules/logging-sinks" - sinks = [ - { - name = "organization-1" - resource = "organizations/12345678" - filter = "filter: org_simple" - destination = "destination: org_simple" - options = null - }, - { - name = "billing-1" - resource = "billing_accounts/12345678" - filter = "filter: billing_simple" - destination = "bigquery destination: billing_simple" - options = { - bigquery_partitioned_tables = true - include_children = false - unique_writer_identity = null - } - }, - { - name = "folder-1" - resource = "folders/12345678" - filter = "filter: folder_simple" - destination = "bigquery destination: folder_simple" - options = { - bigquery_partitioned_tables = false - include_children = false - unique_writer_identity = null - } - }, - { - name = "project-1" - resource = "projects/12345678" - filter = "filter: project-1" - destination = "destination: project-1" - options = { - bigquery_partitioned_tables = null - include_children = true - unique_writer_identity = null - } - }, - { - name = "project-2" - resource = "projects/12345678" - filter = "filter: project-2" - destination = "destination: project-2" - options = { - bigquery_partitioned_tables = null - include_children = null - unique_writer_identity = true - } - }, - ] -} - -output "names" { - value = module.sinks.names -} diff --git a/tests/modules/net_vpc/__init__.py b/tests/modules/net_vpc/__init__.py deleted file mode 100644 index 35dff2e86e..0000000000 --- a/tests/modules/net_vpc/__init__.py +++ /dev/null @@ -1,14 +0,0 @@ -# Copyright 2019 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - diff --git a/tests/modules/net_vpc/conftest.py b/tests/modules/net_vpc/conftest.py deleted file mode 100644 index b7c13e6ff3..0000000000 --- a/tests/modules/net_vpc/conftest.py +++ /dev/null @@ -1,29 +0,0 @@ -# Copyright 2019 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -"Apply fixture." - -import os - -import pytest - - -# path of this folder relative to root -_PATH = os.path.sep.join(os.path.abspath(__file__).split(os.path.sep)[-4:-1]) - - -@pytest.fixture(scope='module') -def fix_path(): - "Returns a function that prepends the test module path." - return lambda p: os.path.join(_PATH, p) diff --git a/tests/modules/net_vpc/fixtures/vpc-iam-bindings/main.tf b/tests/modules/net_vpc/fixtures/vpc-iam-bindings/main.tf deleted file mode 100644 index 7c8dbd8290..0000000000 --- a/tests/modules/net_vpc/fixtures/vpc-iam-bindings/main.tf +++ /dev/null @@ -1,90 +0,0 @@ -/** - * Copyright 2019 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -variable "project_id" { - description = "Project id used for this fixture." - type = string -} - -variable "subnets" { - description = "Subnet definitions." - default = { - subnet-a = { - ip_cidr_range = "192.168.0.0/24" - region = "europe-west1" - secondary_ip_range = {} - }, - subnet-b = { - ip_cidr_range = "192.168.1.0/24" - region = "europe-west1" - secondary_ip_range = {} - }, - subnet-c = { - ip_cidr_range = "192.168.2.0/24" - region = "europe-west1" - secondary_ip_range = {} - }, - } -} - -locals { - members = [ - for s in google_service_account.binding_members : - "serviceAccount:${s.email}" - ] -} - -resource "google_service_account" "binding_members" { - for_each = toset(split(" ", "a b c d e")) - project = var.project_id - account_id = "user-${each.value}" -} - -module "vpc" { - source = "../../../../../modules/net-vpc" - project_id = var.project_id - name = "vpc-iam-bindings" - description = "Created by the vpc-iam-bindings fixture." - subnets = var.subnets - iam_roles = { - subnet-b = ["roles/compute.networkUser", "roles/compute.networkViewer"] - subnet-c = ["roles/compute.networkViewer"] - } - iam_members = { - subnet-b = { - "roles/compute.networkUser" = slice(local.members, 0, 2) - "roles/compute.networkViewer" = slice(local.members, 3, 4) - } - subnet-c = { - "roles/compute.networkViewer" = slice(local.members, 3, 5) - } - } -} - -output "network" { - description = "Network resource." - value = module.vpc.network -} - -output "subnets" { - description = "Subnet resources." - value = module.vpc.subnets -} - -output "bindings" { - description = "Subnet IAM bindings." - value = module.vpc.bindings -} diff --git a/tests/modules/net_vpc/fixtures/vpc-standalone/main.tf b/tests/modules/net_vpc/fixtures/vpc-standalone/main.tf deleted file mode 100644 index ec33dc1cbd..0000000000 --- a/tests/modules/net_vpc/fixtures/vpc-standalone/main.tf +++ /dev/null @@ -1,47 +0,0 @@ -/** - * Copyright 2019 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -variable "name" { - description = "Network name." - type = string - default = "net-vpc-standalone" -} - -variable "project_id" { - description = "Project id used for this fixture." - type = string -} - -module "vpc-simple" { - source = "../../../../../modules/net-vpc" - project_id = var.project_id - name = var.name -} - -output "name" { - description = "Network name." - value = module.vpc-simple.name -} - -output "self_link" { - description = "Network self link." - value = module.vpc-simple.self_link -} - -output "subnets" { - description = "Subnet resources." - value = module.vpc-simple.subnets -} diff --git a/tests/modules/net_vpc/fixtures/vpc-subnets/main.tf b/tests/modules/net_vpc/fixtures/vpc-subnets/main.tf deleted file mode 100644 index c3db05e4fa..0000000000 --- a/tests/modules/net_vpc/fixtures/vpc-subnets/main.tf +++ /dev/null @@ -1,112 +0,0 @@ -/** - * Copyright 2019 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -variable "project_id" { - description = "Project id used for this fixture." - type = string -} - -variable "subnets" { - description = "Subnet definitions." - default = { - subnet-simple = { - ip_cidr_range = "192.168.0.0/24" - region = "europe-west1" - secondary_ip_range = {} - }, - subnet-options = { - ip_cidr_range = "192.168.1.0/24" - region = "europe-west2" - secondary_ip_range = {} - }, - subnet-alias-ranges = { - ip_cidr_range = "192.168.2.0/24" - region = "europe-west1" - secondary_ip_range = { - alias-1 = "172.16.10.0/24" - alias-2 = "172.16.20.0/24" - } - } - } -} - -variable "subnet_descriptions" { - default = { - subnet-options = "Simple subnet with options." - subnet-alias-ranges = "Simple subnet with alias ranges." - } -} - -variable "subnet_flow_logs" { - default = { - subnet-options = true - subnet-alias-ranges = true - } -} - -variable "subnet_private_access" { - default = { - subnet-simple = false - subnet-options = true - } -} - -variable "log_configs" { - description = "Logging configurations." - default = { - subnet-alias-ranges = { - flow_sampling = 0.75 - } - } -} - -module "vpc" { - source = "../../../../../modules/net-vpc" - project_id = var.project_id - name = "vpc-subnets" - description = "Created by the vpc-subnets fixture." - routing_mode = "REGIONAL" - subnets = var.subnets - subnet_descriptions = var.subnet_descriptions - subnet_flow_logs = var.subnet_flow_logs - subnet_private_access = var.subnet_private_access - log_configs = var.log_configs -} - -output "network" { - description = "Network resource." - value = module.vpc.network -} - -output "subnets" { - description = "Subnet resources." - value = module.vpc.subnets -} - -output "subnet_ips" { - description = "Map of subnet address ranges keyed by name." - value = module.vpc.subnet_ips -} - -output "subnet_regions" { - description = "Map of subnet regions keyed by name." - value = module.vpc.subnet_regions -} - -output "subnet_secondary_ranges" { - description = "Map of subnet secondary ranges keyed by name." - value = module.vpc.subnet_secondary_ranges -} diff --git a/tests/modules/net_vpc/test_vpc_iam_bindings.py b/tests/modules/net_vpc/test_vpc_iam_bindings.py deleted file mode 100644 index a936fe60cc..0000000000 --- a/tests/modules/net_vpc/test_vpc_iam_bindings.py +++ /dev/null @@ -1,81 +0,0 @@ -# Copyright 2019 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -import collections -import re - -import pytest - - -Binding = collections.namedtuple('Binding', 'subnet role members') - - -@pytest.fixture(scope='module') -def result(run_fixture, fix_path): - "Runs fixture interpolating current path, and returns result." - return run_fixture(fix_path('fixtures/vpc-iam-bindings')) - - -@pytest.fixture(scope='module') -def bindings(result): - "Returns a streamlined list of bindings." - return [ - Binding(b['subnetwork'].split('/')[-1], b['role'], b['members']) - for b in result.output['bindings'].values() - ] - - -@pytest.fixture(scope='module') -def subnet_names(result): - "Returns the list of subnet names." - return [s['name'] for s in result.output['subnets'].values()] - - -def test_vpc_attributes(result): - "Test network attributes." - network = result.output['network'] - assert network['routing_mode'] == 'GLOBAL' - assert network['description'] == 'Created by the vpc-iam-bindings fixture.' - - -def test_subnet_names(result, subnet_names): - "Test subnet names output." - resource_names = sorted( - [s['name'] for s in result.output['subnets'].values()]) - assert resource_names == sorted(subnet_names) - - -def test_binding_roles(result, bindings, subnet_names): - "Test that the correct roles from IAM bindings are set." - assert len([b for b in bindings if b.subnet == 'subnet-a']) == 0 - assert set([b.role for b in bindings if b.subnet == 'subnet-b']) == set([ - 'roles/compute.networkUser', 'roles/compute.networkViewer' - ]) - assert [b.role for b in bindings if b.subnet == 'subnet-c'] == [ - 'roles/compute.networkViewer' - ] - - -def test_binding_members(result, bindings, subnet_names): - "Test that the correct members from IAM bindings are set." - r = re.compile(r'^serviceAccount:([^@]+)@.*$') - for b in bindings: - members = [r.sub(r'\1', m) for m in b.members] - if b.subnet == 'subnet-b': - if b.role == 'roles/compute.networkUser': - assert members == ['user-a', 'user-b'] - else: - assert members == ['user-d'] - else: - assert members == ['user-d', 'user-e'] diff --git a/tests/modules/net_vpc/test_vpc_standalone.py b/tests/modules/net_vpc/test_vpc_standalone.py deleted file mode 100644 index 1fa77394e6..0000000000 --- a/tests/modules/net_vpc/test_vpc_standalone.py +++ /dev/null @@ -1,29 +0,0 @@ -# Copyright 2019 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -import pytest - - -@pytest.fixture(scope='module') -def result(run_fixture, fix_path): - "Runs fixture interpolating current path, and returns result." - return run_fixture(fix_path('fixtures/vpc-standalone')) - - -def test_vpc_creation(result): - "Test that VPC is created with the correct attributes." - assert result.output['name'] == result.plan.variables['name'] - assert result.output['self_link'].endswith(result.plan.variables['name']) - assert result.plan.variables['project_id'] in result.output['self_link'] - assert result.output['subnets'] == {} diff --git a/tests/modules/net_vpc/test_vpc_subnets.py b/tests/modules/net_vpc/test_vpc_subnets.py deleted file mode 100644 index 36aa421b40..0000000000 --- a/tests/modules/net_vpc/test_vpc_subnets.py +++ /dev/null @@ -1,62 +0,0 @@ -# Copyright 2019 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -import pytest - - -@pytest.fixture(scope='module') -def result(run_fixture, fix_path): - "Runs fixture interpolating current path, and returns result." - return run_fixture(fix_path('fixtures/vpc-subnets')) - - -def test_vpc_attributes(result): - "Test network attributes." - network = result.output['network'] - assert network['routing_mode'] == 'REGIONAL' - assert network['description'] == 'Created by the vpc-subnets fixture.' - - -def test_subnet_names(result): - "Test subnet names output." - resource_names = sorted([s['name'] - for s in result.output['subnets'].values()]) - assert resource_names == sorted( - [k for k in result.plan.variables['subnets']]) - - -def test_subnet_ips(result): - "Test subnet IPs output." - for name, attrs in result.plan.variables['subnets'].items(): - assert result.output['subnet_ips'][name] == attrs['ip_cidr_range'] - - -def test_subnet_regions(result): - "Test subnet regions output." - assert result.output['subnet_regions'] == dict( - (k, v['region']) for k, v in result.plan.variables['subnets'].items()) - - -def test_secondary_ip_ranges(result): - "Test subnet secondary ranges output." - for name, attrs in result.plan.variables['subnets'].items(): - assert attrs['secondary_ip_range'] == result.output['subnet_secondary_ranges'][name] - - -def test_flow_logs(result): - "Test that log config is set using the enable flow logs variable." - enable_flow_logs = result.plan.variables['subnet_flow_logs'] - for name, attrs in result.plan.variables['subnets'].items(): - log_config = enable_flow_logs.get(name, False) - assert len(result.output['subnets'][name]['log_config']) == log_config diff --git a/tests/requirements.txt b/tests/requirements.txt index 6f5740dffd..078c682c71 100644 --- a/tests/requirements.txt +++ b/tests/requirements.txt @@ -1,3 +1,2 @@ -pytest>=4.3.1 -pytest-tldr>=0.2.1 -tftest>=1.3.0 +pytest>=5.3.5 +tftest>=1.5.0